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ABSTRACT 



Biometric identification is combined with digital certificates 
for electronic authentication as biometric certificates. The 
biometric certificates are managed through the use of a 
biometric certificate management system. Biometric certifi- 
cates may be used in any electronic transaction requiring 
authentication of the participants. Biometric data is pre- 
stored in a biometric database of the biometric certificate 
management system by receiving data corresponding to 
physical characteristics of registered users through a bio- 
metric input device. Subsequent transactions to be con- 
ducted over a network have digital signatures generated 
from the physical characteristics of a current user and from 
the electronic transaction. The electronic transaction is 
authenticated by comparison of hash values in the digital 
signature with re-created hash values. The user is authenti- 
cated by comparison against the pre-stored biometric cer- 
tificates of the physical characteristics of users in the bio- 
metric database. 

10 Claims, 5 Drawing Sheets 
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BIOMETRIC CERTIFICATES 

CROSS-REFERENCE TO RELATED 
APPLICATIONS 

This application claims priority under 35 USC §119 of 
provisional application 60/046,012 filed May 9, 1997, the 
entire disclosure of which is hereby incorporated by refer- 
ence. 

BACKGROUND OF THE INVENTION 

1. Field of the Invention 

This disclosure relates generally to the field of secure 
communications, and in particular to the issuance and man- 
agement of certificates for authenticating messages. 

2. Description of Related Art 

The use of computer networks and telecommunication 
systems for various transactions has markedly increased in 
recent years. Traditional transactions such as shopping, 
purchasing, banking, and investment services have experi- 
enced growth in new directions due to the application of 
computers and telecommunications. 

While traditional transactions have heretofore been con- 
ducted typically on a person-to-person basis, many 
telecommunication-based transactions are conducted 
remotely and sight-unseen; i.e. the participants in 
telecommunication -based transactions may never meet. 

With such telecommunication-based transactions, there is 
an increasing need to recognize and verify the authenticity 
of a remote user of electronic services, including such 
services involving consumers of all types of electronic 
transactions such as purchases over the Internet, home 
banking, electronic transfers of funds, and electronic bro- 
kerage services. Such electronic transactions may also 
involve users of remote repositories of data, for example, to 
access classified records, medical records, billing records, 
and unclassified but sensitive data, such as company records. 
Other relevant areas requiring adequate or even absolute 
security include authentication of signers of electronic docu- 
ments such as contracts. In general, any electronic service of 
value, provided over a local network or a public network, 
requires authentication of the requester in order to protect 
the value of the service. More valuable services typically 
require a greater degree of authentication. 

Historically, access to electronic services has been pro- 
vided through identification techniques such as account 
names and authentication techniques such as personal iden- 
tification numbers (PINs) and passwords. Such authentica- 
tion techniques have not proven to be very secure since PINs 
and passwords are often easily guessed, hard to remember, 
or subject to discovery by exhaustive automated searches. 
Recently, digital certificates have emerged as a leading 
candidate for authenticating electronic transactions. 

Ideally, a digital certificate, such as those defined by the 
X,509 and ANSI X.9 standards, allows users or buyers and 
sellers to authenticate electronic documents and electronic 
transactions in a manner analogous to the authentication of 
documents by a Notary Pubhc in person-to-person transac- 
tions. The combination of cryptographic techniques, includ- 
ing public key cryptography, and the use of digital certifi- 
cates provides greater integrity, privacy and a degree of 
authentication for on-line electronic transactions which 
instills a greater level of confidence in the electronic services 
consumer. 

For example, such authenticating certificates in the prior 
art may be generated by concatenating a message and a 
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pubhc key with a set 10 of data as shown in FIG. 1, which 
may be in a sequence and which may include a subject 
unique ID 12 corresponding to the subject; that is, the 
individual or entity such as a corporation, having the public 

5 key. As shown in FIG. 1, other fields in the set 10 of data 
may include a version number, a serial number for the 
certificate with respect to a sequence of generated 
certificates, the name of the issuer, a validity period to 
determine an expiration of validity of the certificate, a 

10 subject name identifying the user or individual sending the 
transaction, an issuer unique ID number, and other data 
extensions indicating privileges and attributes of the 
certificate, such as access privileges. 
The subject unique ID 12 of the user may include M bits 

15 representing, for example, a social security number or a 
password associated with the user sending the transaction. 
Typically, M^-SO bits-mbytes or less. 

The authenticating certificate, being the concatenation of 
the set 10 of data with the pubhc key and the transaction 
data, is then processed, for example, using a hash function 
such as a one-way hashing function, to generate a hashed 
value. The hashed value is then signed; that is, encrypted, 
using the private key of the user to generate a digital 
signature 14. The digital signature 14 is then appended to the 
authenticating certificate and the message, such as an elec- 
tronic transaction, for transmission over, for example, a 
network. 

The X.509 and ANSI X.9 standards described above 
incorporate a hash function to generate unique digital sig- 
natures 14 from a respective set 10 of data. Such one-way 
hashing functions enable the transaction data to be compu- 
tationally infeasible to derive solely from the hash value. 
While the use in the prior art of authenticating certificates 

35 incorporating digital certificates improves transactions 
employing electronic authentication, it still falls short of 
actually authenticating a human transactor, such as a con- 
sumer. Instead, such digital certificates in the prior art only 
authenticate the private cryptographic key used in the trans- 

40 action or signature. Since private keys are physically stored 
on computers and/or electronic storage devices, such private 
keys are not physically related to the entities associated with 
the private keys. For example, a private key is assigned to an 
entity, which may be a group of people, an organization such 

45 as a company, or even groups of organizations, and so 
private keys are not limited to actual human individuals. 

Identification indica of individuals may be subdivided 
into three broad categories: indica based on the physical 
characteristics of the individual, that is, what the individual 

50 is; indicia based on one*s knowledge, such as passwords 
known to the individual; and indicia based on assigned 
information, that is, what another individual has associated 
with the identified individual, or what the identified indi- 
vidual chooses with which to be associated. The first cat- 

55 egory having physical indicia relates to the biometric data of 
an individual, and includes characteristic features such as 
genetic composition, fingerprints, hand geometry, iris and 
retinal appearance, etc., which are unique to each individual, 
with known exceptions such as the identical genetic com- 

60 positions of twins. 

The second and third categories having known and/or 
assigned indicia includes information which the individual 
knows and/or is charged with memorizing and divulging for 
authentication, such as social security number, mother's 

65 maiden name, access codes such as long distance calhng 
card numbers, and personal passwords. The second category 
also includes information and/or objects which the indi- 
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vidual owns and/or is charged with carrying and divulging DESCRIPTION OF THE PREFERRED 

for authentication, such as driver*s licenses and passports. EMBODIMENTS 

Private keys are assigned indicia. Accordingly, the lack of Referring in specific detaU to the drawings, with common 

physical identification of a human transactor with a private reference numbers identifying similar or identical elements, 
key is a flaw in authentication techniques in the prior art 5 steps, and features, as shown in FIG. 2 the present disclosure 

using such private keys. Other authentication and security describes a biometric certification system and method for 

techniques in the prior art are similarly flawed, since many generating biometric certificates from a set 16 of data, 

authentication and security techniques rely on identification including a subject unique ID 18 and biometric data 20. A 

indicia of the second category. digital signature 22 generated using data set 16 is then 

Techniques are known in the art for authenticating an appended to the data set 16 to form the biometric certificate, 

individual based on identification indica of the first category; as shown in FIG. 2. 

that is, by physical characteristics. For example, U.S. Pat. The disclosed biometric certification system is shown in 

No. 4,641,349 to Flom et al. discloses a system for perform- FIGS. 3-5, having biometric registration section 24 shown 

ing iris recognition. Typically, such physical characteristics in FIG. 3, a transmitting section 40 shown in FIG. 4, and a 

identifying techniques require complicated computational receiving section 42 shown in FIG. 5. The biometric regis- 

operations for the capture and accurate classification of tration section 24 processes user biometrics and associated 

physical characteristics, since such physical characteristics inputs to generate biometric certificates which are imique to 

are unique to each individual. Accordingly, the identification the user, and which are stored in a memory such as a 

indicia for such physical characteristics generally requires a biometric database and/or a smart card memory. Once such 
relatively large amount of memory to store and classify such ^0 biometric certificates are stored, a first user may conduct 

identification indicia. biometrically-secured electronic transactions sent from the 

Heretofore, the relatively large computational demands of transaction transmission section 40 of FIG. 4 to the trans- 
authentication techniques based on physical characteristics action reception section 42 of FIG. 5, at which the electronic 
has prevented such authentication techniques from being transaction is authenticated and processed, 
implemented in electronic transactions. Referring to FIG. 3, the registration section 24 has a set 
SUMMARY OF THE INVENTION devices, including a registration biometric input 

device 26 and a user data input device 28. The biometric 

It is recognized herein that biometric identification and input device 26 generates registration biometric data from 

classification in the authentication of electronic transactions the physical characteristics of the user, such as fingerprints, 

provides for increased security and accuracy. hand geometry, iris and retinal appearance, and speech 

A biometric certification system and method are disclosed patterns, 

herein which implements an end-to-end security mechanism The registration biometric input device 26 may include 

binding the biometric identification of consumers with digi- visual cameras and/or other visual readers to input 

tal certificates. The biometric certification system authenti- fingerprints, hand geometry, iris appearance, and retinal 

cates electronic transactions involving a user, and includes a appearance. For example, companies such as IDENTIX, 

biometric input device which responds to a set of physical FUJITSU, and AUTHENTEC provide such equipment for 

characteristics of the user, and generates corresponding first reading fingerprints, while RECOGNITION SYSTEMS 

biometric data related to the physical condition of the user. provides equipment to read hand geometry. EYE-DENTIFY 

Biometric data is pre-stored as biometric certificates in a is an example of a company which provides retinal imaging 

biometric database of the biometric certificate management devices, while IRISCAN and SENSAR are examples of 

system by receiving data corresponding to physical charac- companies which provide iris imaging devices, 

teristics of registered users through a biometric input device. Alternatively, the registration biometric input device 26 

Subsequent transactions to be conducted over a network may be adapted to receive audio characteristics of a user. For \ 

have transaction biometric data generated from the physical example, a microphone in conjunction with a speech digi- l 

characteristics of a current user, which is then appended to tizer may be used to receive and digitize speech. Such j 

the transaction first data, and which then authenticates the companies as BBN, T-NETIX, and ALPHA-TEL provide ' 

user by comparison against the pre-stored biometric data of such equipment for receiving and digitizing speech to gen- 

the physical characteristics of users in the biometric data- erate corresponding biometric data, 

50 Biometric input devices known in the art may be used to 

BRIEF DESCRIPTION OF THE DRAWINGS Tcccivc other physical characteristics such as facial and body ^ 

^ appearance via, for example, a camera, as well as the genetic 

Tlie features of the disclosed biometric certification sys- composition of the user by means of genetic material 

tem and method are readily apparent and are to be under- gathering procedures, such as blood lancets, 

stood by referring to the following detailed description of ^.^^^^^^ ^^^^^^^ ^ ^^^^^ 2 may be 

the preferred embodiments of the present invention, taken in ^^^^^^^^ ^ processing the registration biometric data from 

conjunction with the accompanying drawmgs, in which: f^^ • ♦ u- f - * * j ■ .u 

Ji„ . ... .. . .o . "^^ registration biometric input device 26, processing the 

HG. 1 illustrates an authenticating certificate m the prior j^p^t data such as a user ID from the user data input 

device 28, and processing the public key 30 of the user at a 

FIG. 2 illustrates a biometnc certificate of the disclosed biometric certificate generator 32 of a registration authority 

biometnc certification system and method; 34, Such input data are processed with the private key 36 of 

FIG. 3 illustrates a biometric certificate registration appa- a certifying authority to generate a digital biometric certifi- 

ral^i cate 38 which is sent to the memory for storage and 

FIG. 4 illustrates an electronic transaction transmission subsequent use to authenticate the first user and associated 
section; and 65 electronic transactions of the first user. 

FIG. 5 illustrates an electronic transaction reception and llie registration biometric data 20 to be incorporated into 

processing section. the biometric certificate of FIG. 2 is obtained directly from 
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the physical characteristics of the subject through the bio- In addition, at the transaction transmission section 40 of 

metric input device 26. The subject unique ID 18 of the user FIG. 4, both of the transaction biometric data 46 and the 

may include M bits, in which typically M-50 bits-6 bytes transaction first data 50 are processed, for example, using a 

or less, while the biometric data 20 typicaUy includes much first hash function 52, such as a one-way hashing fiinction, 

more data than the subject unique ID 18. Generally, the 5 to generate a first hashed value. RSA and SHA-1 are 

biometric data 20 has N bits in which N may be very large, examples of pubUc key cryptographic methods and one-way 

.such as^aboul 500 bytes In fact, the amount of the biometnc hashing which may be used for such encryption and hashing 

data 20 is unlimited; for example, a fingerprint may be f^^^^^^^^ described, for example, in 

visuaUy scanned to any resolution to obtain key fingerprmt ^ ^ p^, 4,405,829 to Rivest et al., which is incorpo- 

^ryroSnTa?a"SrS^^^^^^ - '^-^ ^rP^; ^ '^l^^XTrh 

print Accordingly, the biometric data 20 may require large .^r?'"' l^'' 5.623,545 to Childs el al.. 

amounts of memory for storage such as 2 kB or even 4 MB. "^^""^ mcorporated herein by reference. 

Accordingly, in the preferred embodiment, N is much ^hf •'^^ed value is then sent to a digital signature 

greater than M fiinction 54, in which the hashed value is signed; that is, , , 

Prior to use Of the disclosed biometric certification system encrypted, using the private key 56 of the first user to ^ 

and method, the biometric database 66 is built using, for generate a digital signature 58, incorporating the first hash 

example, a registration process in which individuals are value. Tlie digital signature 58 is then sent to the network 60. 

required to provide proof of identity; that is, identification The set of data transmissions constituting the transaction 

information such as a birth certificate, a driver's license, biometric data 46, the transaction first data 50, and the 

provided to a registration authority. Once the registration ^'^^^^^^ signature 58 may be sent as separate bitslreams 

authority is satisfied with such proof, the identification ^nd/or data packets, or otherwise may be sent together by 

information is entered into the registration system 24 and appending the associated data sequences using a 

biometric measurements are then taken concurrently using at concatenator, such as an adder for bitwise adding of the data 

least one biometric input device 26, as shown in FIG. 3, sequences. In addition, software may be used to append such 

Such stored biometric measurements form the pre-stored data 46, 50 and 58 may be sent to the network 60, 
biometric data in the biometric database 66 which corre- ^^ich may include telephone networks, satellite 
sponds to the pre-registered individuals who have undergone communications, and/or the Internet, 
the registration process described above. Accordingly, pre- Referring to FIG. 5, after receiving the electronic trans- 
registered individuals may be properly authenticated, while 30 action from the network 60, the receiving section 42 sends 
unregistered individuals are rejected, within the cross-over ^^er ID data 62 from the transaction first data 50 to be 
error rate. to a biometric certificate extractor 64. The biometric 
i The biometric certificates 38 are then sent to be stored in certificate extractor 64 uses the user ID data 62 to access a 
a memory, such as a biometric database or a memory of a corresponding biometnc certificate stored in the memory 66, / 
smart card, as shown as the memory 66 in HG. 5. The 35 ^^^^ ^ biometric database or smart card memory. That 
registration system 24 of FIG. 3 may be located at a central ^ ^"^^ previously stored corresponding 
registration station associated with a network, such that the biometnc certificates generated from biometnc charactens- 
corresponding biometric certificates of a user may be tics of the first user using the registration system 24 shown 
directly and securely stored in the memory 66, such as a biometnc certificate of the first user may be 
central biometric database of a network or an individual 40 "^^^^^^ according to the user ID data, such as the social 
memory of a smart card of the user. Accordingly, the central security number, of the first user. 

biometric database as the memory 66 may serve a network The memory 66 may receive the user ID data 62, or 

of users conducting transactions, such as electronic com- otherwise may receive a command from the biometric 

merce (E-commerce), over the Internet and other networks. certificate extractor 64 to retrieve any biometric certificate 

Altematively, a smart card of the first user having the 45 corresponding to the user ID data 62 of the first user. If none 

memory 66 may pre-store the biometric certificates, such are available, the receiving section 42 may generate a 

that kiosks and other devices such as terminals and auto- rejection signal, for example, at the biometric certificate 

matic teller machines (ATMs) may access the memory 66 extractor 64, to indicate that no biometric certificate is 

and obtain the secured biometric certificate of the first user. available. 

Referring to FIGS. 4-5, to conduct an electronic 50 Accordingly, any user requesting authentication of an 

transaction, the first user uses the transaction system 40 in electronic transaction but failing to be registered; that is, to 

FIG. 4. The first user uses a transaction biometric input have a corresponding pre-stored biometric certificate stored 

device 44 to generate transaction biometric data 46 as in the memory 66, is not authenticated. The receiving section 

contemporaneous biometrics associate with the first user. 42 may generate a corresponding message of non- 

The first user also generates transaction first data 50 through 55 authentication, and may also send such a message through 

a transaction data input device 48. For example, the trans- the network 60 to the transmitting section 40 to indicate no 

action first data 50 may include selections of products to be authenticity in the transaction. 

purchased over the Internet, or may include electronic funds Otherwise, if a biometric certificate is available for the 

transfers through an ATM. The transaction first data 50 also first user having conesponding user ID data, the biometric 

includes user ID data identifying the first user and associ- 60 certificate 68 is retrieved and sent to the biometric certificate 

ating the first user with the remainder of the transaction first extractor 64 to decrypt the biometric certificate 68 using the [y 

data. pubUc key 70 of the certifying authority. Thus, the biometric 

Both of the transaction biometric data 46 and the trans- certificate extractor 64 obtains the decrypted registration 

action first data 50 are sent over the network 60 unchanged biometric data 72 and the decrypted user public key 74 

and in the clear, or optionally encrypted by additional 65 associated with the first user. 

encryption techniques known in the art, to be received by the The decrypted user public key 74 is then sent to a 

transaction reception section 42, as shown in FIG. 5. decryptor to decrypt the digital signature 58 sent over the 
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network 60 from the transmitting section 40. The decryptor The receiving section 42 shown in FIG. 5 may respond to 

76 then extracts the first hash value which was incorporated the validation signals 82, 86 to process the transaction first 

into the digital signature 58 by the first hash function 52. data 50, such as an on-line purchase or an electronic funds 

The receiving section 42 authenticates the first hash value transfer. Accordingly, transaction processing systems (not 

by attempting to recreate the first hash value using a second 5 shown) may also be included in the receiving section 42. 

hash function 78 which is identical to the first hash function Alternatively, the receiving section 42 of FIG. 5 may be 

52 of the transmitting section 40. The second hash function coupled to external transaction processing systems. 

78 receives the transaction biometric data 46 and the trans- In another alternative embodiment, the receiving section 

action first data 50 from the network 60, which were sent may include an AND circuit 88 shown in FIG. 5, such as a 

from the transmitting section 40 in the clear, or optionally jq logic AND gate or other logic mechanisms, for generating a 

encrypted by additional encryption techniques known in the final validation signal 90 from the validation signals 82, 86. 

art. The second hash function 78 thus generates a second Accordingly, if and only if both of the classifiers 80, 84 

hash value from the same input data applied to the first hash determine that the transaction biometric data 46 as well as 

function 52. the transaction first data 50 have been sufficiently securely 

The first and second hash values are then compared by a transmitted over the network 60, then a final validation 

first classifier 80, such as a comparator or matching routines signal 90 reflecting the security of the overall transaction is 

in software, for determining a match between the first and generated. 

second hash values, A first validation signal 82 is generated Although the first classifier 80 is a perfect classifier; that 

to indicate whether or not both independently generated is, only an exact match of the hash values generates an 

hash values match. authentication, the second classifier 84 may generate per- 

If both match, then the receiving section 42 thus deter- centages reflecting relative authenticity and /or scaled 

mines that both of the transaction biometric data 46 and the numerical values on an authenticity scale to reflect the error 

transaction first data 50, in combination, are authentic and tolerance of the second classifier 84 and/or the cross-over 

have not been modified during transmission over the net- error rates associated with biometrics. Accordingly, the 

work 60. 2^ application of fuzzy logic may be used to generate a crisp 

In addition, the receiving section 42 determines whether determination of the authenticity of the transaction biometric 

the electronic transaction is indeed from the indicated user data 46 as the second validation signal 86. 

corresponding to the transaction biometric data 46; that is. Using biometric certificates, cross-over error rates for 

transaction biometric data 46 may not be authentic, or identification and authentication may be below about 2.0%, 

alternatively, the decrypted iiser public key 74 may be a 3Q and may even be also low as about 0.5%. The application of 

public key 74 commonly shared by a specific group of more advanced biometric input devices 26, 44 and classifiers 

people such as employees of a specMc company. 80, 84 known in the art may obtain substantially perfect 

Accordingly, the receiving section 42 compares the bio- authentication of any individual from the global population, 

metric data of the first user generated during the transaction. The disclosed biometric certification system and method 

as the transaction biometric data 46, with the registration 35 may include electronic transactions using a network as 

biometric data generated at an earlier date from the first user described in commonly assigned U.S. patent application Ser. 

during a registration process using the registration system No. 08/770,824, filed Dec. 20, 1996 and entitled "VIRTUAL 

24. The registration biometric data, which is decrypted by CERTIFICATE AUTHORITY, which is incorporated herein 

the biometric certificate extractor 64 to be the decrypted by reference. Such a system can be adapted to include the 

registration biometric data 72, is applied to a second clas- 40 use of biometric certificates as described herein for crypto - 

sifier 84 to be compared to the transaction biometric data 46 graphically binding the biometric data of a user with iden- 

which is sent over the network 60 in the clear, or optionally tification information to form such biometric certificates, 

encrypted by additional encryption techniques known in the The use of public key technology aUows the transaction/ 

art. signature authentication process to be done either centrally 

The second classifier 84 may be a comparator, or alter- 45 or remotely, depending upon the needs of the transaction, 

natively a software routine or other hardware/software While the disclosed biometric certification system and 

devices implementing data matching techniques, for com- method is particularly shown and described herein with 

paring the biometric data to obtain a decision value. reference to the preferred embodiments, it is to be under- 

Alteraatively, the second classifier 84 may be a trained stood that various modifications in form and detail may be 

neural network and/or a fuzzy logic classifier for classifying 50 made therein without departing from the scope and spirit of 

whether or not, within an error tolerance, the sets of bio- the present invention. Accordingly, modifications, such as 

metric data 46, 72 were obtained from the same individual any examples suggested herein, but not limited thereto, are 

using biometric input devices. Such classification methods to be considered within the scope of the present invention, 

for authentication of images and data sequences using neural What is claimed is: 

networks are described, for example, in U.S. Pal. No. 55 1- A method for authenticating an electronic transaction 

5,619,620 to Eccles, which is incorporated herein by refer- involving a user, comprising the steps of: 

ence. registering a user, including the steps of: 

The second classifier 84 then generates a decision in the receiving a registration set of physical characteristics of 

form of a second validation signal 86, which may be logic the user at a biometric input device; 

values corresponding to YES or NO, or TRUE or FALSE, 60 generating registration biometric data corresponding to 

indicating verification of the authenticity of the user sending the registration set of physical characteristics; 

the electronic transaction. Alternatively, the authentication generating a biometric certificate from the registration 

decision may be a numerical value, for example, corre- biometric data, user input data, a public key of the 

sponding to a percentage of confidence of authenticity. The user, and a digital signature; and 

second classifier 86 may include a predetermined threshold 65 storing the biometric certificate in a biometric database; 

of, for example, 98% authenticity, to be exceeded in order to transmitting an electronic transaction over a network, the 

proceed with the processing of the electronic transaction. electronic transaction including transaction biometric 
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data, traasaction first data, and a digital signature 
generated from the transaction biometric data and the 
transaction first data, the step of transmitting including 
the steps of: 

receiving a current set of physical characteristics of the 5 
user; 

generating the transaction biometric data from the 
current set related to the physical condition of the 
user; 

generating a first hash value signal from the transaction 10 
first data and the transaction biometric data; 

generating the digital signature from the hash value and 
a private key signal of the user; 

transmitting the digital signature over the network; and 

transmitting the transaction biometric data and the 15 
transaction first data over the network; and 
authenticating the electronic transaction, including the 

steps of: 

receiving the digital signature, the transaction biomet- 
ric data and the transaction first data from the net- 20 
work; 

retrieving user identification (ID) data from the trans- 
action first data; 

retrieving a biometric certificate, corresponding to the 
user ID data, from the biometric database; 25 

extracting the registration biometric data and the user 
public key from the biometric certificate; 

decrypting the digital signature using the user public 
key to retrieve the first hash value from the digital 
signatixre; 30 

generating a second hash value from the transaction 
biometric data and the transaction first data; 

comparing the first hash value to the second hash value 
using a first classifier; 

generating a first validation signal to authenticate the 
transmission of the transaction first data and the 
transaction biometric data based on the comparison 
by the first classifier; 

comparing the registration biometric data and the trans- 
action biometric data using a second classifier; and ^'^ 

generating a second validation signal to authenticate 
the user based on the comparison by the second 
classifier 

2. The method of claim 1, wherein the step of authenti- 
cating further comprises the step of: 

ANDing the first and second validation signals. 

3. The method of claim 1, wherein the step of receiving 
a registration set of physical characteristics of the user 
includes the step of: 

receiving visual characteristics of the user using a visual 
reader as the biometric input device. 

4. The method of claim 1, wherein the step of receiving 
a registration set of physical characteristics of the user 
includes the step of: 

receiving speech characteristics of the user using a speech 
digitizer as the biometric input device. 

5. The method of claim 1, wherein the step of generating 
the registration biometric data includes the step of: 

generating a bit sequence greater than about 500 bytes in 60 
length as the registration biometric data. 
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6. A system for authenticating an electronic transaction 
involving a user, comprising: 

a registration section configured to register a user by 
receiving a registration set of physical characteristics of 
the user at a biometric input device, generating regis- 
tration biometric data corresponding to the registration 
set of physical characteristics, generating a biometric 
certificate from the registration biometric data, user 
input data, a public key of the user, and a digital 
signature, and storing the biometric certificate in a 
biometric database; 

a transmission section configured to transmit an electronic 
transaction over a network, the electronic transaction 
including transaction biometric data, transaction first 
data, and a digital signature generated from the trans- 
action biometric data and the transaction first data, the 
transmitting section receiving a current set of physical 
characteristics of the user, generating the transaction 
biometric data from the current set related to the 
physical condition of the user, generating a first hash 
value signal from the transaction first data and the 
transaction biometric data, generating the digital sig- 
nature from the hash value and a private key signal of 
the user, transmitting the digital signamre over the 
network, and transmitting the transaction biometric 
data and the transaction first data over the network; and 

an authentication section configured to authenticate the 
electronic transaction by receiving the digital signature, 
the transaction biometric data and the transaction first 
data from the network, retrieving user identification 
(ID) data from the transaction first data, retrieving a 
biometric certificate, corresponding to the user ID data, 
from the biometric database, extracting the registration 
biometric data and the user public key from the bio- 
metric certificate, decrypting the digital signature using 
the user public key to retrieve the first hash value from 
the digital signature, generating a second hash value 
from the transaction biometric data and the transaction 
first data, comparing the first hash value to the second 
hash value using a first classifier, generating a first 
validation signal to authenticate the transmission of the 
transaction first data and the transaction biometric data 
based on the comparison by the first classifier, com- 
paring the registration biometric data and the transac- 
tion biometric data using a second classifier, and gen- 
erating a second validation signal to authenticate the 
user based on the comparison by the second classifier. 

7. The system of claim 6, wherein the authentication 
section is further configured to AND the first and second 
validation signals. 

8. The system of claim 6, wherein the registration section 
is configured to receive visual characteristics of the user 
using a visual reader as the biometric input device. 

9. The system of claim 6, wherein the registration section 
is configured to receive speech characteristics of the user 
using a speech digitizer as the biometric input device. 

10. The system of claim 6, wherein the registration section 
is configured to generate a bit sequence greater than approxi- 
mately 500 bytes in length as the registration biometric data. 
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